Bleeping Computer

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. The ...
CSOonline

Windows shortcuts’ use as a vector for malware may be cut short

A third-party patch management company is cutting short attackers’ use of LNK files to smuggle in malicious commands, while Microsoft prefers to tell the whole story. A longstanding problem with the ...
Infosecurity-magazine.com

Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups

A newly discovered cyber vulnerability, ZDI-CAN-25373, has been actively exploited by 11 state-sponsored threat groups from North Korea, Iran, Russia and China since 2017. According to the Trend Zero ...
Computerworld

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
Ars Technica

Can someone analyze this MALWARE string?

Suspicious Activity: The obfuscation, especially with creating and executing a file in the %TMP% directory (a common place for malware), suggests this script could be part of a malicious payload. The ...
CSOonline

Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw

Chinese hackers have been spotted targeting European diplomats using a longstanding Windows shortcut vulnerability that’s been popular with threat groups as far back as 2017. According to security ...
IBTimes UK

Microsoft Issues Unannounced Patch for Zero-Day LNK Vulnerability Used in Real-World Attacks

Microsoft's secret patch fixes 8-Year LNK zero-day exploited by hackers Angel Bena : Pexels Cybersecurity experts warn of a stealthy Microsoft patch addressing a long-exploited Windows LNK zero-day ...